Skip to content Skip to navigation Skip to footer


With flexible deployment options, FortiNDR Cloud and FortiNDR, part of the Fortinet SecOps Platform, give your security team the ability to detect, prioritize, investigate, hunt, and respond to attacks across your network. Through the power of AI-based detections and expert analysis, security teams can spot the evidence of attacker behavior early, enabling effective response across your IT/OT/IoT environments.

FortiNDR Cloud UI

Agentless Visibility Across Your Network with FortiNDR Cloud

Network detection and response combines AI-based, human, and behavioral network traffic analysis to look for signs of malicious activity without the need for installed agents. Through this metadata analysis, FortiNDR Cloud creates high-fidelity detections that improve response efforts. FortiNDR Cloud is a SaaS offering that is built to meet your architecture and security requirements. 

FortiNDR: Ideal for Air-Gapped Environments

Mission-critical infrastructure and air-gapped environments need to meet additional confidentiality and compliance requirements. FortiNDR can operate in an isolated environment, ensuring secure operations while providing full visibility into IT/OT network traffic. The solution automates investigation efforts through AI-driven network-traffic and file-based analysis, providing real-time identification of advanced threats, including persistent threats that may be lingering in your network.  

Orchestrated Incident Response

FortiNDR solutions allow security teams to pivot from detection to investigation to threat hunting with a few clicks. Providing integrations with the Fortinet Security Fabric and numerous third-party tools such as EDR, SOAR, SIEM, and XDR, FortiNDR solutions ensure you can automate investigation, triage, and remediation.

Features and Benefits

FortiNDR Cloud and FortiNDR leverage AI/ML, behavioral, and human analysis to analyze network traffic, including encrypted traffic, to detect malicious behavior while reducing false positives.

AI-powered detection

Supervised and unsupervised AI/ML continuously analyze network metadata

Streamlined threat hunting

Automatic investigations, guided playbooks accelerate triage and response

Orchestrated response

Integration with the Fortinet Security Fabric and third- party vendors ensures automated response

FortiGuard-Powered Threat Intel

ML and rule-based detections are backed by FortiGuard Labs threat intelligence

Designed for OT Networks

FortiNDR is an OT-aware solution with optional industrial security and OT malware detection

Decreased Operational Costs

FortiNDR Cloud guided-SaaS reduces NDR management and maintenance costs


MITRE ATT&CK technique coverage


Data retention for retrospective analysis


OT protocols, applications, and vendors supported

Enterprise Analyst Validation

The Forrester Wave™: Network Analysis And Visibility, Q2 2023
ESG Economic Validation on Fortinet SecOps Fabric
The Forrester Wave™: Network Analysis and Visibility, Q3 2023. The figure ranks companies based on the strength of their offering and their strategy on a scatter plot, with 13 providers being categorized into four waves: challengers, contenders, strong performers, and leaders. Fortinet is in the strong performer category.
Fortinet Named a Strong Performer in The Forrester Wave™: Network Analysis and Visibility, Q3 2023

See why Fortinet NDR solutions received the highest score possible in the threat detection and detection technologies criteria.

"Fortinet’s integrations with the broader Fortinet portfolio provide exceptional visibility across disparate networks and the remote workforce..."

Download Report »
ESG Economic Validation: The Quantified Benefits of Fortinet Security Operations Solutions. Improved security team operational efficiency and reduced risk to the organization, each by up to 99%. Written by Aviv Kaufmann, Practice Director and Principal Economic Validation Analyst at Enterprise Strategy Group. July 2023
The Quantified Benefits of Fortinet Security Operations Solutions
As enterprises evolve, new technologies emerge, and cybercriminals introduce more sophisticated attacks, security leaders and their teams face a variety of challenges in securing the organization’s networks. This new report published by Enterprise Strategy Group details the benefits of using Fortinet Security Operations solutions, including improved operational efficiency and more effective risk management.
Download Report »

FortiGuard AI-Powered Security Services

FortiGuard Labs - Fortinet’s elite cybersecurity threat intelligence and research organization comprised of experienced threat hunters, researchers, analysts, engineers, and data scientists - develops and enhances FortiGuard AI-powered Security Services as well as provides valuable expert help through FortiGuard Expert-driven Security Services.

Models and Specifications

FortiNDR Cloud and FortiNDR are designed to detect threats that may have slipped past traditional security solutions by looking for telltale signs of attacker activity though analyzing network traffic. Fortinet’s network detection and response solution is available as a cloud-based SaaS model or a local, on-premises option. Please select the option below for more information.

Features FortiNDR
Deployment SaaS

Data Storage Location

Cloud-based (US)
Integrations SIEM/XDR/EDR

Data Retention

365 days
Sensors Hardware - FortiNDRCloud-900F (Large sensor)​
Hardware - FortiNDRCloud-500F (Small sensor)​
Virtual sensors (AWS/Azure/ESXi/KVM)​
Features FortiNDR
Deployment On-premises - suitable for OT, air-gapped environments

Data Storage Location

Integrations Local Fortinet Fabric integration

Data Retention

Deployment Mode Hardware - FortiNDR-3500F (Center, Standalone)
Hardware - FortiNDR-1000F (Sensor, Standalone)
VM16/VM32 (ESXi/KVM) (Sensor, Standalone)
AWS/Azure/GCP/Alibaba (Sensor, Standalone)

FortiCare Support & Professional Services

Fortinet is dedicated to helping our customers succeed, and every year FortiCare services help thousands of organizations get the most from their investments in Fortinet's products and services. To achieve this, FortiCare follows the life-cycle approach and provides unique services to help our customers in their success journeys.

Technical Support Services

Technical Support Services

Various per-device options are available for efficient operations. FortiCare Elite option provides a 15-minute response time for critical products.



Priority RMA options are available across the product family for expedited replacement of defective hardware to meet your availability objectives.


Data Sheets
Analyst Reports
White Papers
Solution Briefs

Free Product Demo

FortiNDR represents the future of AI-driven breach protection technology, designed for short-staffed SOC teams to defend against threats. A trained Virtual Security Analyst™ helps identify, classify, and respond to threats. FortiNDR employs deep neural networks based on advanced AI and artificial neural network to provide sub-second investigation.